Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

1990 validate input fields on put form endpoint requests #1991

Merged
merged 3 commits into from
Jan 13, 2021
Merged

1990 validate input fields on put form endpoint requests #1991

merged 3 commits into from
Jan 13, 2021

Conversation

ivermac
Copy link
Contributor

@ivermac ivermac commented Jan 12, 2021
edited
Loading

Changes / Features implemented

Validate form version and sanitize form description

Steps taken to verify this change does what is intended

Added checks in a test to validate form versions don't have invalid characters and ensure form description with html tag characters are sanitized

Side effects of implementing this change

Closes #1990

Fixed has been inspired by https://devstringx-technologies.medium.com/html-injection-f1c9fc713d51

@ivermac
Trigger error on version invalidity and sanitize description
861e269 
Signed-off-by: Mark Ekisa <[email protected]>
@ivermac
Test suggested enhancement
6633330 
Check that error is triggered when version is invalid and description is sanitize if it has html tag characters

Signed-off-by: Mark Ekisa <[email protected]>
@ivermac ivermac requested review from pld and ukanga January 12, 2021 14:31
pld
pld previously approved these changes Jan 12, 2021
View reviewed changes
@pld
Copy link
Member

pld commented Jan 12, 2021

not sure what's up w/the nonetype errors in build but flake8 error is easy to fix

ukanga
ukanga previously approved these changes Jan 12, 2021
View reviewed changes
ukanga
ukanga reviewed Jan 12, 2021
View reviewed changes
Copy link
Member

@ukanga ukanga left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is flake8 issue, that should be addressed first.

@ivermac ivermac dismissed stale reviews from ukanga and pld via a631a17 January 13, 2021 05:32
@ivermac
Code cleaning
f4fc180 
Signed-off-by: Mark Ekisa <[email protected]>
@ivermac ivermac force-pushed the 1990-validate-input-fields-on-PUT-form-endpoint-requests branch from ab05b64 to f4fc180 Compare January 13, 2021 09:38
@ivermac ivermac merged commit f44c792 into master Jan 13, 2021
@ivermac ivermac deleted the 1990-validate-input-fields-on-PUT-form-endpoint-requests branch January 13, 2021 10:30
@DavisRayM DavisRayM mentioned this pull request Jan 20, 2021
Merged
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ukanga ukanga ukanga left review comments

@DavisRayM DavisRayM DavisRayM approved these changes

@pld pld pld left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Check validity of input when making PUT request on forms endoint
4 participants
@ivermac @pld @ukanga @DavisRayM